IPB

Welcome Guest ( Log In | Register )

 
Reply to this topicStart new topic
> HEUR:Exploit.Java.CVE-2012-1723.gen
Confused123
post 12.12.2012 23:45
Post #1


Newbie
*

Group: Members
Posts: 1
Joined: 12.12.2012




What does it mean when in a Kapersky Detected Threats Detailed Report says:

HEUR:Exploit.Java.CVE-2012-1723.gen
Object: c:/documents and settings/local/temp/jar_cache3538751170258030385.tmp
Status: Detected; not processed.

When I double click on the report and get the red DISINFECTION box, the box says disinfection impossible and my only choices are to "delete archive" or "ignore (recommended)". Can I just "ignore" this or should I do something else such as delete archive or some other action?

I am a little frustrated that I cannot find an explantion on Kaspersky about how to proceed.

Thanks for any assistance
Go to the top of the page
 
+Quote Post
carlosco612
post 13.12.2012 00:36
Post #2


Member
**

Group: Members
Posts: 28
Joined: 23.06.2011




I've know received around 15 of the same alerts from many different computers, running 8.1.0.831

Should those be manually deleted?

Why doesn't Kaspersky delete them? The task is set to delete or disinfect.
Go to the top of the page
 
+Quote Post
richbuff
post 13.12.2012 06:53
Post #3


Oldtimer
****************

Group: Moderators
Posts: 48576
Joined: 14.06.2007




Welcome. Please clear your Java cache: http://www.java.com/en/download/help/plugin_cache.xml > reboot > do a scan. Any better?


--------------------
Please see the Important topics, located at the top of this section, and at the top of other sections of this forum.
Go to the top of the page
 
+Quote Post
zoelle
post 13.12.2012 15:10
Post #4


Newbie
*

Group: Members
Posts: 4
Joined: 13.12.2012




Hi. I have the same problem. My kaspersky main window is red. Report says 2 detected threats, both HEUR:Exploit.Java.CVE-2012-1723.gen. I cleared the java cache. Reboot. The kaspersky failed to launch and was red again. Did another round of clearing cache, etc. The threats are still there. What other things can I try? I am attaching the screen shots.
Attached File(s)
Attached File  Trojan_pix_2.JPG ( 65.65K ) Number of downloads: 35
Attached File  Trojan_pix_1.JPG ( 57.64K ) Number of downloads: 37
Attached File  Trojan_pix_3.JPG ( 94.94K ) Number of downloads: 27
Attached File  Trojan_pix_6.JPG ( 47.17K ) Number of downloads: 26
 
Go to the top of the page
 
+Quote Post
zoelle
post 13.12.2012 15:17
Post #5


Newbie
*

Group: Members
Posts: 4
Joined: 13.12.2012




I'm uploading two additional screenshots showing paths for each threat.

Attached File(s)
Attached File  Trojan_pix_4.JPG ( 102.46K ) Number of downloads: 27
Attached File  Trojan_pix_5.JPG ( 104.62K ) Number of downloads: 14
 
Go to the top of the page
 
+Quote Post
zoelle
post 13.12.2012 17:35
Post #6


Newbie
*

Group: Members
Posts: 4
Joined: 13.12.2012




Hi. Since the post above, I also performed suggestions I found in other threads in this forum; to wit: to clear the temp files; to right click on the kaspersky report and delete the detection notification. This last move turned my kaspersky main window back to green. However, a round of full scan detected the same threat agaian. This tme. it's even more confusing because it resported 6 threats but the detailed report only reflected two threats--same as in the screen shots I posted earlier. I also have filed a report with Tech support at Kaspersky but it has been almost 12 hours ago and I haven't heard from them yet. Is this long delay before they respond the norm?
Go to the top of the page
 
+Quote Post
zoelle
post 13.12.2012 20:38
Post #7


Newbie
*

Group: Members
Posts: 4
Joined: 13.12.2012




I finally was able to remove the virus (Still haven't heard from Tech support). I followed the suggestion given in another thread to delete temporary files. Here's the link:

http://forum.kaspersky.com/index.php?showt...p;#entry1951456

Refer to post#3 by Robert. It turned out exactly the same way in my case. After clicking "fix", the threats vanished and a full scan confirmed that Kaspersky does not detect them anymore.

Now the question is: Is there a possibility that the virus 'mutated' into another file and is still lurking in my system? Or is it possible that it has already done its dastardly deed and left irreversible damage? I think I might have checked my bank account online whilst the trojan was present; has anything been compromised; do I change password, username, etc?
Go to the top of the page
 
+Quote Post
richbuff
post 14.12.2012 04:35
Post #8


Oldtimer
****************

Group: Moderators
Posts: 48576
Joined: 14.06.2007




Welcome.
QUOTE
Is there a possibility that the virus 'mutated' into another file and is still lurking in my system? Or is it possible that it has already done its dastardly deed and left irreversible damage?

If you suspect possible malware issue, please see the first Important topic. There, you will find instructions for logs.


--------------------
Please see the Important topics, located at the top of this section, and at the top of other sections of this forum.
Go to the top of the page
 
+Quote Post
DanL242
post 16.12.2012 22:39
Post #9


Member
**

Group: Members
Posts: 30
Joined: 16.12.2012




I've been dealing with this exact same problem for about a week, but none of the suggestions has done more than a temporary fix.
I even uninstalled and reinstalled Java. No other security program I know of will detect this
and I'm thinking it's a false positive.

Any new developments on this?
Go to the top of the page
 
+Quote Post
richbuff
post 17.12.2012 02:57
Post #10


Oldtimer
****************

Group: Moderators
Posts: 48576
Joined: 14.06.2007




Welcome. Two things come to mind first:

1. Please post the full, complete detection details. Post screenshot of Reports > Detailed Report > Detected threats.
Right click the Detected bar, and insure Path is selected. Right click the Detected bar again and insure File is selected.
Then post the screenshot with columns widened to show full detected and name and object and path/location details.

How to take and post screenshot: PrtSc (Print screen) key (upper right part of keyboard)> open Paint (Start > All programs > Accessories) > Edit > Paste, File > Save as (jpeg or
png, Not bmp). When replying, Browse > click once to select file > Open > Upload > add reply.


2. Please see the first Important topic. There, you will find instructions for logs.

Please see the small print that is located at the bottom of this message.


--------------------
Please see the Important topics, located at the top of this section, and at the top of other sections of this forum.
Go to the top of the page
 
+Quote Post
DanL242
post 26.12.2012 07:56
Post #11


Member
**

Group: Members
Posts: 30
Joined: 16.12.2012




Sorry for the delay getting back. The issue has been fixed. For some reason deleting files in the Jave console was
not deleting all files. When I clicked the "view files" button on the console there were still 3 files there.
I manually deleted 1 at a time, reboot, scan and no more problems.
Go to the top of the page
 
+Quote Post
Marine1
post 18.02.2013 01:05
Post #12


Newbie
*

Group: Members
Posts: 2
Joined: 18.02.2013




QUOTE(DanL242 @ 25.12.2012 22:56) *
Sorry for the delay getting back. The issue has been fixed. For some reason deleting files in the Jave console was
not deleting all files. When I clicked the "view files" button on the console there were still 3 files there.
I manually deleted 1 at a time, reboot, scan and no more problems.



Having same issue, even used the F9 key to take the system back to factory defaults and still have the:

huer.exploit.java.cve.cve-2012.1723.gen

any other suggestions? Thanks
Go to the top of the page
 
+Quote Post
Marine1
post 18.02.2013 01:43
Post #13


Newbie
*

Group: Members
Posts: 2
Joined: 18.02.2013




can't get the screen shot, as not sure how to get it under 300K. I have dual monitors and it is taking both. At 317K, no matter how I try to cut/crop it. Not good at this stuff.

This post has been edited by Marine1: 18.02.2013 01:44
Go to the top of the page
 
+Quote Post
richbuff
post 18.02.2013 04:34
Post #14


Oldtimer
****************

Group: Moderators
Posts: 48576
Joined: 14.06.2007




Welcome. Upload the screenshot to a filehost such as http://www.mediafire.com/
Then, post the Download link to the uploaded file.



Please post the full, complete detection details. Post screenshot of Reports > Detailed Report > Detected threats.
Right click the Detected bar, and insure Path is selected. Right click the Detected bar again and insure File is selected.
Then post the screenshot with columns widened to show full detected and name and object and path/location details.

How to take and post screenshot: PrtSc (Print screen) key (upper right part of keyboard)> open Paint (Start > All programs > Accessories) > Edit > Paste, File > Save as (jpeg or
png, Not bmp). When replying, Browse > click once to select file > Open > Upload > add reply.


--------------------
Please see the Important topics, located at the top of this section, and at the top of other sections of this forum.
Go to the top of the page
 
+Quote Post

Reply to this topicStart new topic

 



Lo-Fi Version Time is now: 31.07.2014 03:17